aspose file tools
The moose likes Tomcat and the fly likes Tomcat & Multiple SSL Certificates Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Reply Bookmark "Tomcat & Multiple SSL Certificates" Watch "Tomcat & Multiple SSL Certificates" New topic
Author

Tomcat & Multiple SSL Certificates

Isaac Martinez
Greenhorn

Joined: May 08, 2006
Posts: 1
posted private message
0
Quote
Goal: Intall two SSL certificates in the same server, but working for two
different IP addresses and domains.

I have:
- One server running Tomcat 5.5 over Windows.
- Two IP addresses.
- Two domains, one for each IP address.
- Two SSL certificates one for each domain.
- A keystore and alias for each certificate.

I think I need to configure two hosts (or virtual hosts, what's the
difference between these?), and setup two HTTPS connectors with IP based
scheema.

I tried using the following configuration:

<Service name="Catalina">
...
<Connector port="80" maxThreads="300" minSpareThreads="25"
maxSpareThreads="75" enableLookups="true" acceptCount="100"
redirectPort="443" connectionTimeout="20000"
disableUploadTimeout="true" />

<Connector port="443" name="72.3.245.1"
maxThreads="100" strategy="ms" maxHttpHeaderSize="8192"
emptySessionPath="true" useIPVHosts="tru"
scheme="https" secure="true" clientAuth="false"
keystoreFile="D:/jdk1.5.0_02/bin/key1"
keystorePass="pass1" sslProtocol = "TLS" />

<Connector port="443" name="72.32.93.2"
maxThreads="100" strategy="ms" maxHttpHeaderSize="8192"
emptySessionPath="true" useIPVHosts="true"
scheme="https" secure="true" clientAuth="false"
keystoreFile="D:/jdk1.5.0_02/bin/key2"
keystorePass="pass2" sslProtocol = "TLS" />

<Connector port="8009"
enableLookups="false" redirectPort="443" protocol="AJP/1.3" />

<Engine name="Catalina" defaultHost="localhost">

...

<Host name="72.3.245.1" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
</Host>

<Host name="72.3.245.2" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
...

</Engine>
...

</Service>


It didn't work at all, I have the first certificate on the first IP working.
But the second certificate just don't work because it gets the first
certificate not the second, so the domains don't match.

Any help on this is welcome, thank you.

Isaac Mart�nez Hatch
William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12266
    
    1
posted private message
0
Quote
I've never done a configuration like that, but:

That does not match either of the virtual hosts - where did it come from?
Bill
 
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to run our stuff on 16 servers instead of 3.
 
subject: Tomcat & Multiple SSL Certificates
 
Similar Threads
[Update - Success] Adding SSL certificate to Server.xml
Tomcat manager not opening
Different log files for different services in tomcat
SSL implementation problem-keystore file not found
SSL + Servlet